search for: restrictaccess

Hello, my enviroment: All Servers are Ubuntun 16.04-18.04 SAMBA AD DC Server and several SAMABA DOMAIN MEMBER (connected via WINBIND). In ADDC I've created a group "restrictaccess" and added some users. Now when im typing "id <username>" on a Domain Member, for some users the group "restrictaccess" are listed for some not! For example: ON DC: # samba-tool group listmembers restrictaccess user1 user2 ON Domain Member: # id user1 uid=10...

Thank for your answer: But i dont know understand why is following not working: I want to restrict the ssh access for a special domain member: In my "sshd_config" i added: AllowGroups restrictaccess root With user2 im able to login via ssh! log: pam_krb5(sshd:auth): user user2 authenticated as user2 at ROOTRUDI.DE With user1 im not! log: User user1 from 192.168.0.100 not allowed because none of user's groups are listed in AllowGroups. Have a look to my email previously "id user2...

...12:20:04 +0200 Micha Ballmann via samba <samba at lists.samba.org> wrote: > Hello, > > my enviroment: > > All Servers are Ubuntun 16.04-18.04 > > SAMBA AD DC Server and several SAMABA DOMAIN MEMBER (connected via > WINBIND). In ADDC I've created a group "restrictaccess" and added > some users. > > Now when im typing "id <username>" on a Domain Member, for some users > the group "restrictaccess" are listed for some not! > > For example: > > ON DC: > > # samba-tool group listmembers restrictaccess &g...

Hi, I'm wondering if it's possible to have some users restricted to only login via POP3 or only IMAP (likewise for IMAPS/POP3S). Returning a particular field with the userdb sql query (protocols=imaps did not work), perhaps setting up a different passdb? Is this possible with dovecot? -Adam

Is there a way to restrict my user logins from a set of IPs? For example, all my users are in the US so there shouldn't be any logins from other countries. Can I tell dovecot to restrict logins to a CIDR list of US IPs? Can someone point me to docs on how to set this up? I've searched but haven't found how to accomplish this. Thanks, -Terry Terry Barnum digital OutPost

...anks, -Terry iPhone says Hello World! > On Sep 16, 2015, at 6:31 PM, Benny Pedersen <me at junc.eu> wrote: > > Terry Barnum skrev den 2015-09-17 02:32: > >> I've searched but haven't found how to accomplish this. > > http://wiki2.dovecot.org/Authentication/RestrictAccess > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets > > took me 3 sec :=) >

Hey guys, Is it possible to deny a user on POP or IMAP! For example, on the primary server we use POP3 and IMAP but how I can force a user to use POP3 and be unable to authenticate on IMAP ? Thanks Sebastien

Hello list, I have found imap_allowed option in dovecot which do exactly what I need, for imap. Is there something similar for pop3 protocol? The main goal for it - is to enable pop3 access to specific users. Or maybe dovecot have some 'pop3=yes' or 'imap=no' args to userdb/passdb sections ? I know future dovecot 2.* versions will support rewriting for protocols, but this is

Hello, I have all userdata in a ldapserver. Every user has the right to use pop3. There is no explicit attribute allowing that. It's simply possible. Now I like to add imap. For a starting period I like to restrict, who may use imap. http://wiki2.dovecot.org/Authentication/RestrictAccess mention a solution where I could modify ldap pass_filter. But that require an attribute "service=pop3" to be present in the ldap servers. In my case I have to add it for every existing user :-/ No way... Are there other options? Thanks, Andreas

Hello. Tried search, no luck, sorry, if this is already answered, but I'm still looking a solution using pam_auth how to define in dovecot which user can access which protocol, for example, default is: protocols = pop3 pop3s imap imaps I'd like to use something like this: exclude_using_pop = user1, user2, @group exclude_using_pops = user1, user2, @group exclude_using_imap = user1,

On 2016-05-18 11:52, Aki Tuomi wrote: > On 18.05.2016 12:44, Tom Sommer wrote: >> I'm trying to lock down a maildir from modifications using >> dovecot-uidlist.lock, but when a user with mailbox.auto = create logs >> in, then the folder is created regardless of dovecot-uidlist.lock >> existing or not. >> >> Is there no way to prevent dovecot from

I have some users that I will not allow to use POP3 thru my system, but force them to use webmail. Would it be possible to put an extra option in dovecot.conf to force this: # ----------------------------------------------------------------- # Logon processes # user = <username>,<password> # ----------------------------------------------------------------- user =

Terry Barnum skrev den 2015-09-17 02:32: > I've searched but haven't found how to accomplish this. http://wiki2.dovecot.org/Authentication/RestrictAccess http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets took me 3 sec :=)

Hi at all, using deny passwd to restrict IMAP/POP3 access (https://wiki.dovecot.org/Authentication/RestrictAccess), I get deny passdb match messages: Feb 13 16:09:33 server-02 dovecot: auth: passwd-file(USERNAME,10.10.10.46,<9hzaYRllbsCTehgu>): User found from deny passdb only with auth_verbose=yes, sets global or defined in passdb block. But if I set auth_verbose=yes, for every user not present in...

[dovecot-2.3.2.1] I have dovecotrunning icw postfixandhave IMAP and POP3 available to retrieve mail. Can you tell me how I can configure Dovecot in order to force certain users to use POP3 (download messages) only? Thanks, Jos -------------- next part -------------- An HTML attachment was scrubbed... URL:

I'm converting my system from mbox to Maildir one user at a time, and I'd like to disable access for the user I'm working on. Is there a way to tell Dovecot to lock out a specific user? Perhaps with a control file in the home directory? At the same time, how can I get sendmail+procmail to tempfail incoming messages for one user until I'm done?

Hello. I'd like to know if there is a way to differ between imap and pop3 during mysql-auth. I would need the possibility to allow some users imap and only allow pop3 to the rest. I think there could be a flag that'll be substituted in my auth query. Thanks for infos. Regards. ____________________________________________________________________________________ Cheap talk? Check out

It would be great to have a HOWTO in the wiki, on how to restrict services by username in dovecot, so some users are allowed IMAP and others not allowed. As concerns restricting users by IP, I believe that is a bad idea. It's almost a useless idea, imnsho, because they can connect from another IP. It's easy to restrict services by IP using a firewall or by using inetd. -Wash

Hello 1 - Is there a way to forbid log in of some Dovecot's users ? I use NIS as authentication mechanism. 2 - Is it possible to forbid some machines (IP addresses ) to connect to Dovecot server ? Thank you

Hello, I have all the users and passwords in separate files like in the configuration below. I want that a specific user (ex: joe at domain.con) to be able to read mails using imaps only from a specific IP. All the other users should be able to read email from any IP. How can I do that? Thank you Imap version: #dovecot --version 1.2.12 dovecot.conf: # 1.2.12: /etc/dovecot/dovecot.conf